Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | All bytes of a page are initialized, even bytes that follow a 2-byte cell on a malformed page. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
7373a004ed0e2781cda503c73e9a94f2 |
| User & Date: | drh 2015-05-27 18:13:35 |
Context
|
2015-05-27
| ||
| 18:19 | Fix a minor and harmless memory leak in fuzzcheck. Adjust the makefiles to run fuzzcheck with --quiet on valgrind tests. (check-in: 8bfe8344 user: drh tags: trunk) | |
| 18:13 | All bytes of a page are initialized, even bytes that follow a 2-byte cell on a malformed page. (check-in: 7373a004 user: drh tags: trunk) | |
| 15:42 | A different approach to preventing buffer overreads when comparing a vector of values with a corrupt index record that spans at least one overflow page. (check-in: 95eaa49f user: drh tags: trunk) | |
Changes
Changes to src/btree.c.
6893 6894 6895 6896 6897 6898 6899 6900 6901 6902 6903 6904 6905 6906 6907 6908 6909 6910 6911 6912 6913 |
assert( leafCorrection==0 );
assert( pOld->hdrOffset==0 );
/* The right pointer of the child page pOld becomes the left
** pointer of the divider cell */
memcpy(apCell[nCell], &pOld->aData[8], 4);
}else{
assert( leafCorrection==4 );
if( szCell[nCell]<4 ){
/* Do not allow any cells smaller than 4 bytes. If a smaller cell
** does exist, pad it with 0x00 bytes. */
assert( szCell[nCell]==3 || CORRUPT_DB );
assert( apCell[nCell]==&aSpace1[iSpace1-3] || CORRUPT_DB );
aSpace1[iSpace1++] = 0x00;
szCell[nCell] = 4;
}
}
nCell++;
}
}
/*
|
| | |
6893 6894 6895 6896 6897 6898 6899 6900 6901 6902 6903 6904 6905 6906 6907 6908 6909 6910 6911 6912 6913 |
assert( leafCorrection==0 );
assert( pOld->hdrOffset==0 );
/* The right pointer of the child page pOld becomes the left
** pointer of the divider cell */
memcpy(apCell[nCell], &pOld->aData[8], 4);
}else{
assert( leafCorrection==4 );
while( szCell[nCell]<4 ){
/* Do not allow any cells smaller than 4 bytes. If a smaller cell
** does exist, pad it with 0x00 bytes. */
assert( szCell[nCell]==3 || CORRUPT_DB );
assert( apCell[nCell]==&aSpace1[iSpace1-3] || CORRUPT_DB );
aSpace1[iSpace1++] = 0x00;
szCell[nCell]++;
}
}
nCell++;
}
}
/*
|